N+ OIDC Session Management: auth_request handles 200/401 with NJS (for ACM: Private/Public/Partner API) - Githubissues

nginx-openid-connect / nginx-oidc-core

Reference implementation of OpenID Connect integration for NGINX Plus

BSD 2-Clause "Simplified" License

1 stars 2 forks source link

N+ OIDC Session Management: auth_request handles 200/401 with NJS (for ACM: Private/Public/Partner API) #4

Open shawnhankim opened 2 years ago

shawnhankim commented 2 years ago

Background:

NGINX auth_request directive could handle 200 response from NJS module in the past. (I haven't checked the N+ version.) However, It returns only 401 although NJS returns 200.
To successfully manage OIDC session for the Private/Public/Partner API of NGINX ACM & Developer Portal, this needs to be either fixed or implemented by other ways.

AC:

Investigate the root cause why NGINX auth_request directive return 401 from the 200 response of NJS.
Try session management without using auth_request.
OIDC Ref. Implementation: Either fix N+ auth_request with NJS or enhance new way of session management.
Implement the logic in the ACM & Developer Portal if necessary.